Closed mbainter closed 2 days ago
Voting for Prioritization
Volunteering to Work on This Issue
This feature is really missing
We really need this to avoid deploying a stackset to a couple of accoutns
This is related to issue https://github.com/hashicorp/terraform-provider-aws/issues/26917 and pr https://github.com/hashicorp/terraform-provider-aws/pull/26935
[!WARNING] This issue has been closed, meaning that any additional comments are hard for our team to see. Please assume that the maintainers will not see them.
Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed.
Description
When deploying StackSets using aws_cloudformation_stack_set_instance the API provides a means to manage which accounts in the target OUs will receive the deploys.
You can specify a list of accounts, and then affect how that list is used with the filter type:
This is particularly important when using the SERVICE_MANAGED permission model, as you cannot target or exclude individual accounts with the resources currently provided. If you try to do something like what is in the documentation:
when using a SERVICE_MANAGED model you get a validation error:
Affected Resource(s) and/or Data Source(s)
Potential Terraform Configuration
References
Would you like to implement a fix?
No